Teknikode
/
TeknikOld
Watch 3
Star 4
Fork 0
Code Issues 1 Pull Requests 0 Releases 3 Wiki Activity
Teknik is a suite of services with attractive and functional interfaces. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
353 Commits
2 Branches
Tree: 8c9484f13f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8c9484f13f'
${ noResults }
TeknikOld/includes/update_profile.php

update_profile.php 7.2KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219 
  1. <?php

  2. require_once('config.php');

  3.  

  4. //initialize php variables used in the form

  5. $current_password = "";

  6. $password = "";

  7. $password_confirm = "";

  8. $theme = "";

  9. $public_key = "";

  10. $minecraft = "";

  11. $website = "";

  12. $profile_image = "";

  13. $quote = "";

  14. $about = "";

  15. $blog_title = "";

  16. $blog_description = "";

  17. $error = "";

  18.  

  19. //check to see that the form has been submitted

  20. if(isset($_POST))

  21. {

  22.     array_filter($_POST, 'trim_value');    // the data in $_POST is trimmed

  23.     $postfilter =    // set up the filters to be used with the trimmed post array

  24.       array(

  25.               'website'                        =>    array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),

  26.               'quote'                            =>    array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),

  27.               'about'                            =>    array('filter' => FILTER_SANITIZE_STRING, 'flags' => !FILTER_FLAG_STRIP_LOW),

  28.               'blog_title'                            =>    array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),

  29.               'blog_desc'                            =>    array('filter' => FILTER_SANITIZE_STRING, 'flags' => !FILTER_FLAG_STRIP_LOW)

  30.           );

  31.           

  32.     $revised_post_array = filter_var_array($_POST, $postfilter);    // must be referenced via a variable which is now an array that takes the place of $_POST[]

  33. 

  34.     //retrieve the $_POST variables

  35.     $current_password = rawurldecode($_POST['current_password']);

  36.     $password = rawurldecode($_POST['password']);

  37.     $password_confirm = rawurldecode($_POST['password_confirm']);

  38.     $theme = rawurldecode($_POST['theme']);

  39.     $public_key = rawurldecode($_POST['public_key']);

  40.     //$minecraft = rawurldecode($revised_post_array['minecraft']);

  41.     $website = rawurldecode($revised_post_array['website']);

  42.     $quote = rawurldecode($revised_post_array['quote']);

  43.     $about = rawurldecode($revised_post_array['about']);

  44.     $blog_title = rawurldecode($revised_post_array['blog_title']);

  45.     $blog_description = rawurldecode($revised_post_array['blog_desc']);

  46.     

  47.     //initialize variables for form validation

  48.     $success = true;

  49.     

  50.     if($success && !$logged_in)

  51.     {

  52.       $error = "You must be logged in to update your profile.";

  53.       $success = false;

  54.     }

  55.     

  56.     if($success && strlen($quote) > 140)

  57.     {

  58.       $error = "The maximum length for your quote is 140 characters.";

  59.       $success = false;

  60.     }

  61.     

  62.     if($success && strlen($blog_title) > 50)

  63.     {

  64.       $error = "The maximum length for your blog title is 50 characters.";

  65.       $success = false;

  66.     }

  67.     

  68.     if($success && strlen($blog_description) > 140)

  69.     {

  70.       $error = "The maximum length for your blog description is 140 characters.";

  71.       $success = false;

  72.     }

  73.     

  74.     $change_password = false;

  75.     if($success && $current_password)

  76.     {

  77.       //check to see if passwords match

  78.       if($success && hashPassword($current_password, $CONF) != $user->hashedPassword)

  79.       {

  80.           $error = "Current Password does not match.";

  81.           $success = false;

  82.       }

  83.       

  84.       //check to see if passwords match

  85.       if($success && !$password)

  86.       {

  87.           $error = "You need to specify a new password.";

  88.           $success = false;

  89.       }

  90.       

  91.       //check to see if passwords match

  92.       if($success && $password != $password_confirm)

  93.       {

  94.           $error = "New Passwords do not match.";

  95.           $success = false;

  96.       }

  97.       

  98.       if($success)

  99.       {

  100.         $change_password = true;

  101.       }

  102.     }

  103. 

  104.     if(!array_key_exists($theme, $CONF['themes']))

  105.     {

  106.       $error = "Invalid Theme Choice.";

  107.       $success = false;

  108.     }

  109.     

  110.     $keys = explode(",", $public_key);

  111.     foreach ($keys as $key)

  112.     {

  113.       $pattern = "/^(ssh-rsa)\s([0-9A-Za-z\/\+]+)([=]*)((\s.*)|())$/";

  114.       if($success && $key && !preg_match($pattern, $key))

  115.       {

  116.         $error = "Invalid Public Key.<br />Please make sure it follows this format.<br /><b>ssh-rsa [0-9A-Za-z/+ ]</b>";

  117.         $success = false;

  118.         break;

  119.       }

  120.     }

  121.  

  122.     if($success)

  123.     {

  124.         //prep the data for saving in a new user object

  125.         if ($change_password)

  126.         {

  127.           $user->hashedPassword = hashPassword($password, $CONF); //encrypt the password for storage

  128.           if (!$CONF['dev_env'])

  129.           {

  130.             $obBaseApp = new COM("hMailServer.Application");

  131.             $obBaseApp->Connect();

  132.             $obBaseApp->Authenticate($CONF['mail_admin_user'], $CONF['mail_admin_pass']);

  133.             $domain = $obBaseApp->Domains->ItemByName($CONF['host']);

  134.             

  135.             $account = $domain->Accounts->ItemByAddress($user->username . "@" . $CONF['host']);

  136.             $account->Password = $password;

  137.             $account->Save();

  138.           }

  139.         }

  140.         

  141.         // Add the user's keys to his git account

  142.         if ($public_key != $user->public_key)

  143.         {

  144.           $dir = $CONF['git_key_dir'].'u\\'.$user->username;

  145.           if (is_dir($dir))

  146.           {

  147.             foreach (glob($dir."\\*") as $filename)

  148.             {

  149.               if (is_file($filename))

  150.               {

  151.                 unlink($filename);

  152.               }

  153.             }

  154.           }

  155.           

  156.           if (!is_dir($dir))

  157.           {

  158.             mkdir($dir, 0777, true);

  159.           }

  160.           $index = 0;

  161.           $keys = explode(",", $public_key);

  162.           foreach ($keys as $key)

  163.           {

  164.             preg_match($pattern, $key, $matches);

  165.             if (trim($matches[2]) != "")

  166.             {

  167.               $key = "ssh-rsa " . $matches[2];

  168.               

  169.               $keyFileName = $dir."\\".$user->username."@Key".$index.".pub";

  170.               $fileHandle = fopen($keyFileName, 'w');

  171.               fwrite($fileHandle, $key);

  172.               fclose($fileHandle);

  173.               $index++;

  174.             }

  175.           }

  176.           putenv("HOME=/home/git");

  177.           $result = shell_exec('bash --login -c "'.$CONF['gitolite_path'].'gitolite trigger SSH_AUTHKEYS"');

  178.         }

  179.         

  180.         /*

  181.         if ($minecraft != $user->minecraft_user)

  182.         {

  183.           // code to add/remove user from permissionsex

  184.           // Connect to the server

  185.           $r = new minecraftRcon($CONF['minecraft_server'], $CONF['rcon_port'], $CONF['rcon_pass']);

  186. 

  187.           // Authenticate, and if so, execute command(s)

  188.           if ( $r->Auth() ) {

  189.             $r->mcRconCommand('pex user '.$user->minecraft_user." group remove Member");

  190.             $r->mcRconCommand('pex user '.$minecraft." group add Member");

  191.           }

  192.         }

  193.         */

  194.         $user->theme = $theme;

  195.         $user->public_key = $public_key;

  196.         //$user->minecraft_user = $minecraft;

  197.         $user->website = $website;

  198.         $user->quote = $quote;

  199.         $user->about = $about;

  200.         $user->blog_title = $blog_title;

  201.         $user->blog_desc = $blog_description;

  202.         

  203.         //update the user in the database

  204.         $user->save($db);

  205.         

  206.         unset($_POST);

  207.         echo "true";

  208.     }

  209.     else

  210.     {

  211.       unset($_POST);

  212.       echo $error;

  213.     }

  214. }

  215. else

  216. {

  217.   echo "$_POST is not set.";

  218. }

  219. ?>